scrt.link
scrt.link

The Slack App

Some things better not stay in your chat history.
Slack conversations are never fully private. Did you know that a systems administrator or your boss could potentially read your Slack messages? With the scrt.link App you can now protect sensitive information within your Slack conversation.
Screenshot
Add to Slack

Secrets for Slack

It's a very common scenario: A coworker asks you for some access token, API key or password. Now, you can safely respond.

Key Features

  • Create one-time secrets via shortcut or slash command.

  • Encrypted, disposable messages that are stored outside of Slack.

  • Burn notification after a secret has been viewed.

  • No logs, no backup, no trace.

    👉 Install now


Important information about security limitations

Due to the nature of how Slack apps are designed, full end-to-end encryption is not possible. We take a number of steps to make sure your secrets are safe, including encrypted connections, sandboxed application server, limited access to infrastructure, etc. In 99% of use cases this is fine and a risk worth taking - still, Slack is proprietary software where we don't have control over. In other words, if you need advanced protection, create secrets on the website instead.

How to use

Slash Command

The easiest and most versatile option is to use a slash command (/scrt)

Example: Image

  • /scrt opens a dialog to create a secret.
  • /scrt [secret goes here…] creates a secret link instantly (of type Text).
  • /scrt [text|link|neogram] opens a dialog to create a specific type of secret.
  • /scrt help: opens a help dialog.

Slack Shortcuts

There are global and message level shortcuts available.

  • Click ⚡️ to access global shortcuts and choose scrt.link.
  • Within a conversation, click the context menu icon (3 dots) and choose Reply with a secret.

Image

Read Receipts

This is a built in feature. You get notified when a secret has been viewed. We use a 🔥 emoji to indicate when a secret has been burned and the link is therefore no longer available. Image

FAQ

Frequently asked questions about the Slack App.

The honest answer: We can't know for sure. It's important to understand that end-to-end-encryption is not possible with Slack apps. However, the communication between our app server and Slack is encrypted and we therefore believe that for 99% of use cases it's safe to use. Still, please be aware that Slack is proprietary software and we don't have control over code that runs your Slack instance. In case you need to be 100% sure, create secrets via the website instead.

Short answer: Don't. That said, we believe in trust through transparency. While you might have something to hide, we don't. That's why all code is open source and available on Gitlab. Feel free to launch your own private Slack App.

We only store data that is necessary to run the app. When you install the app, you grant us specific access rights (e.g. the right to post a secret link in your name). This data includes basic user information as well as the individual authorization tokens. Additionally, we temporarily store data required for read receipts.
We don't store any other data. We do not use data for any other purpose, nor do we sell or distribute any of that.

We are working on submitting the app to the Slack App Directory to get officially listed. This process may take several weeks to complete.

The app requires basic information about the user, channels and conversations. Additionally, the app needs the permission to post in your name, join a conversation and make use of slash commands and shortcuts. You'll get more detailed information about permission scopes during the app installation.

No. Currently not. You are welcome.

No. You are very welcome. But, you may of course support this project with a paid subscriptions regardless 🤓.

Add to Slack